summaryrefslogtreecommitdiff
path: root/Xext
diff options
context:
space:
mode:
authorAlan Coopersmith <alan.coopersmith@sun.com>2006-06-20 18:40:18 -0700
committerAlan Coopersmith <alanc@alf.(none)>2006-06-20 18:40:18 -0700
commita46c06dab8392cf8012c7cc0b916de9a9e569671 (patch)
tree21c6976d6406d7002e942a1dfc7728dba5e78d32 /Xext
parent49b368c0bb04816c4a3579071c596b2398cae3ec (diff)
parentd44b2a0a57fb89741173c31676af0ccc822387dc (diff)
Merge branch 'master' of git+ssh://git.freedesktop.org/git/xorg/xserver
Conflicts: Xext/appgroup.c Xext/security.c dix/devices.c dix/dispatch.c dix/dixutils.c dix/events.c dix/extension.c dix/property.c dix/window.c os/access.c
Diffstat (limited to 'Xext')
-rw-r--r--Xext/appgroup.c3
-rw-r--r--Xext/security.c2
-rw-r--r--Xext/securitysrv.h133
3 files changed, 135 insertions, 3 deletions
diff --git a/Xext/appgroup.c b/Xext/appgroup.c
index e182cadda..8db4cef01 100644
--- a/Xext/appgroup.c
+++ b/Xext/appgroup.c
@@ -45,8 +45,7 @@ from The Open Group.
#include <X11/extensions/Xagstr.h>
#include <X11/extensions/Xagsrv.h>
#include "xacestr.h"
-#define _SECURITY_SERVER
-#include <X11/extensions/security.h>
+#include "securitysrv.h"
#include <X11/Xfuncproto.h>
#define XSERV_t
diff --git a/Xext/security.c b/Xext/security.c
index 957f083a6..f80d46406 100644
--- a/Xext/security.c
+++ b/Xext/security.c
@@ -40,7 +40,7 @@ in this Software without prior written authorization from The Open Group.
#include "colormapst.h"
#include "propertyst.h"
#include "xacestr.h"
-#define _SECURITY_SERVER
+#include "securitysrv.h"
#include <X11/extensions/securstr.h>
#include <assert.h>
#include <stdarg.h>
diff --git a/Xext/securitysrv.h b/Xext/securitysrv.h
new file mode 100644
index 000000000..596eead0d
--- /dev/null
+++ b/Xext/securitysrv.h
@@ -0,0 +1,133 @@
+/*
+Copyright 1996, 1998 The Open Group
+
+Permission to use, copy, modify, distribute, and sell this software and its
+documentation for any purpose is hereby granted without fee, provided that
+the above copyright notice appear in all copies and that both that
+copyright notice and this permission notice appear in supporting
+documentation.
+
+The above copyright notice and this permission notice shall be included
+in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
+OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
+IN NO EVENT SHALL THE OPEN GROUP BE LIABLE FOR ANY CLAIM, DAMAGES OR
+OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE,
+ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
+OTHER DEALINGS IN THE SOFTWARE.
+
+Except as contained in this notice, the name of The Open Group shall
+not be used in advertising or otherwise to promote the sale, use or
+other dealings in this Software without prior written authorization
+from The Open Group.
+*/
+
+/* Xserver internals for Security extension - moved here from
+ _SECURITY_SERVER section of <X11/extensions/security.h> */
+
+#ifndef _SECURITY_SRV_H
+#define _SECURITY_SRV_H
+
+/* Allow client side portions of <X11/extensions/security.h> to compile */
+#ifndef Status
+# define Status int
+# define NEED_UNDEF_Status
+#endif
+#ifndef Display
+# define Display void
+# define NEED_UNDEF_Display
+#endif
+
+#include <X11/extensions/security.h>
+
+#ifdef NEED_UNDEF_Status
+# undef Status
+# undef NEED_UNDEF_Status
+#endif
+#ifdef NEED_UNDEF_Display
+# undef Display
+# undef NEED_UNDEF_Display
+#endif
+
+
+#include "input.h" /* for DeviceIntPtr */
+#include "property.h" /* for PropertyPtr */
+#include "pixmap.h" /* for DrawablePtr */
+#include "resource.h" /* for RESTYPE */
+
+/* resource type to pass in LookupIDByType for authorizations */
+extern RESTYPE SecurityAuthorizationResType;
+
+/* this is what we store for an authorization */
+typedef struct {
+ XID id; /* resource ID */
+ CARD32 timeout; /* how long to live in seconds after refcnt == 0 */
+ unsigned int trustLevel; /* trusted/untrusted */
+ XID group; /* see embedding extension */
+ unsigned int refcnt; /* how many clients connected with this auth */
+ unsigned int secondsRemaining; /* overflow time amount for >49 days */
+ OsTimerPtr timer; /* timer for this auth */
+ struct _OtherClients *eventClients; /* clients wanting events */
+} SecurityAuthorizationRec, *SecurityAuthorizationPtr;
+
+/* The following callback is called when a GenerateAuthorization request
+ * is processed to sanity check the group argument. The call data will
+ * be a pointer to a SecurityValidateGroupInfoRec (below).
+ * Functions registered on this callback are expected to examine the
+ * group and set the valid field to TRUE if they recognize the group as a
+ * legitimate group. If they don't recognize it, they should not change the
+ * valid field.
+ */
+extern CallbackListPtr SecurityValidateGroupCallback;
+typedef struct {
+ XID group; /* the group that was sent in GenerateAuthorization */
+ Bool valid; /* did anyone recognize it? if so, set to TRUE */
+} SecurityValidateGroupInfoRec;
+
+/* Proc vectors for untrusted clients, swapped and unswapped versions.
+ * These are the same as the normal proc vectors except that extensions
+ * that haven't declared themselves secure will have ProcBadRequest plugged
+ * in for their major opcode dispatcher. This prevents untrusted clients
+ * from guessing extension major opcodes and using the extension even though
+ * the extension can't be listed or queried.
+ */
+extern int (*UntrustedProcVector[256])(ClientPtr client);
+extern int (*SwappedUntrustedProcVector[256])(ClientPtr client);
+
+extern Bool SecurityCheckDeviceAccess(ClientPtr client, DeviceIntPtr dev,
+ Bool fromRequest);
+
+extern void SecurityAudit(char *format, ...);
+
+extern int XSecurityOptions(int argc, char **argv, int i);
+
+/* Give this value or higher to the -audit option to get security messages */
+#define SECURITY_AUDIT_LEVEL 4
+
+extern void SecurityCensorImage(
+ ClientPtr client,
+ RegionPtr pVisibleRegion,
+ long widthBytesLine,
+ DrawablePtr pDraw,
+ int x, int y, int w, int h,
+ unsigned int format,
+ char * pBuf);
+
+#define SecurityAllowOperation 0
+#define SecurityIgnoreOperation 1
+#define SecurityErrorOperation 2
+
+extern char
+SecurityCheckPropertyAccess(
+ ClientPtr client,
+ WindowPtr pWin,
+ ATOM propertyName,
+ Mask access_mode);
+
+#define SECURITY_POLICY_FILE_VERSION "version-1"
+
+extern char **SecurityGetSitePolicyStrings(int *n);
+
+#endif /* _SECURITY_SRV_H */